Jérôme Segura
Lead Malware Intelligence Analyst

Security researcher with a focus on exploits, malvertising and fraud.

November 9, 2016 - In this post, we review the changes in the exploit kit landscape over the past months by looking at new arrivals and departures.


November 2, 2016 - A flaw found in an HTML5 API is being used by tech support scammers to push fraudulent pages and freeze people's computers with a fake virus warning.


November 1, 2016 - In this post we take a look at a malvertising campaign that we traced back to late August and that is targeting adult traffic. While initially pushing the Neutrino exploit kit, it switched to RIG EK in September. We estimate that at least one million visitors to adult websites were exposed to this particular campaign.


October 18, 2016 - The Sundown exploit kit is keeping us busy by switching from one variant to the next. This latest one clearly was inspired by the original source code and we take the time to explore it a little bit more.


October 17, 2016 - In this post we take a quick glance at some changes made to the Sundown exploit kit. The landing page has been tweaked and uses various obfuscation techniques. Sundown is used in some smaller campaigns and in this particular case dropped a downloader followed by a banking Trojan.

